Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/03d342-a349-4656-9d40-b3e43d305b89/1/0CxSGqLabLUxW8n8zwYVdfOJ2xY.roa
File: 0CxSGqLabLUxW8n8zwYVdfOJ2xY.roa (raw, json)
Hash identifier: /WytKiyvjTKKgll+2d/BqOIhUOL82nVB+YzhYIi+j7g=
Subject key identifier: D0:2C:52:1A:A2:DA:6C:B5:31:5B:C9:FC:CF:06:15:75:F3:89:DB:16
Certificate issuer: /CN=5fa7b6aef0bd2411304e4f3c6957c82eb2567cd3
Certificate serial: 0185399DBA4AB1F141AD057933E0AAE11DA7
Authority key identifier: 5F:A7:B6:AE:F0:BD:24:11:30:4E:4F:3C:69:57:C8:2E:B2:56:7C:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X6e2rvC9JBEwTk88aVfILrJWfNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/03d342-a349-4656-9d40-b3e43d305b89/1/0CxSGqLabLUxW8n8zwYVdfOJ2xY.roa
Signing time: Thu 22 Dec 2022 11:35:16 +0000
ROA not before: Thu 22 Dec 2022 11:35:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201190
IP address blocks: 2001:67c:b0c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:39:9d:ba:4a:b1:f1:41:ad:05:79:33:e0:aa:e1:1d:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fa7b6aef0bd2411304e4f3c6957c82eb2567cd3
Validity
Not Before: Dec 22 11:35:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d02c521aa2da6cb5315bc9fccf061575f389db16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3c:d7:23:9b:93:2d:b9:55:b6:99:13:21:e3:
5c:75:36:98:f5:45:b4:44:7e:2d:b3:0f:37:89:58:
60:13:00:1d:40:1c:c9:24:1c:c7:42:81:fb:19:cf:
f7:8e:ae:9d:15:88:88:88:f8:0a:83:93:aa:c3:4d:
c8:bc:51:a1:cb:2f:fb:1f:e7:a6:c6:30:a9:55:29:
e7:94:c5:f0:f0:63:b8:bb:cc:d5:ab:dd:73:9b:3b:
1b:91:f8:a5:29:1e:bd:82:27:15:be:87:bd:81:f8:
8c:9b:ea:6a:1d:8b:12:f0:53:e2:cb:d5:8d:75:73:
72:95:7b:f7:c3:5c:e9:c2:6a:1c:3c:b7:33:6c:a6:
84:d9:7f:87:26:2f:52:da:e6:23:5c:2f:d5:5e:cd:
c2:15:82:5a:2e:d0:4a:4b:38:5d:69:d2:c7:3d:ff:
c2:89:c5:f5:22:9d:6e:50:4a:2a:66:b1:27:b5:76:
a2:a9:d2:02:f8:76:0e:98:0d:77:6e:d1:14:4b:22:
4d:e8:93:dd:6d:87:f3:da:49:6f:c4:b1:c5:bf:2e:
d8:be:e8:f6:4c:7f:f1:9d:62:83:87:65:1d:cc:f0:
71:da:de:f7:4a:7d:1a:d8:69:9b:a6:f6:2f:d1:25:
e5:a8:a6:cc:0c:98:da:b8:24:3c:36:86:23:2c:4a:
4e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:2C:52:1A:A2:DA:6C:B5:31:5B:C9:FC:CF:06:15:75:F3:89:DB:16
X509v3 Authority Key Identifier:
keyid:5F:A7:B6:AE:F0:BD:24:11:30:4E:4F:3C:69:57:C8:2E:B2:56:7C:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X6e2rvC9JBEwTk88aVfILrJWfNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/03d342-a349-4656-9d40-b3e43d305b89/1/0CxSGqLabLUxW8n8zwYVdfOJ2xY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/03d342-a349-4656-9d40-b3e43d305b89/1/X6e2rvC9JBEwTk88aVfILrJWfNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:b0c::/48
Signature Algorithm: sha256WithRSAEncryption
2a:40:a4:25:fd:e5:12:71:f4:c5:b2:1c:a9:43:d0:2d:9d:58:
0b:7f:fb:aa:db:ad:a8:48:c4:1d:56:90:d3:d0:d7:10:1a:82:
0e:32:39:04:5b:c4:1f:b8:89:bf:de:bc:a3:d0:af:19:21:bd:
54:5a:08:4d:19:99:77:0f:2b:65:10:c2:94:95:8d:17:a2:e1:
37:3e:09:62:d0:b9:20:ee:8c:c6:15:69:33:a8:0f:31:7c:a8:
13:06:60:19:e2:de:79:e8:ec:9c:6d:5b:0f:06:57:8c:0f:50:
ad:9a:a3:4d:01:9a:d6:d7:1a:4a:cc:46:ee:1d:1d:0e:6d:ac:
d5:c3:7f:b1:f3:a4:9c:11:83:17:9a:86:82:36:9b:51:e5:a4:
e5:2a:71:19:7d:5e:db:69:85:fb:43:ec:5b:88:4d:04:97:6b:
c0:ba:d9:99:3b:8c:11:5e:72:41:54:0b:66:ef:64:30:cf:6f:
02:58:e6:98:b9:95:96:51:8a:2d:09:4e:c6:1c:90:38:07:a1:
b6:9f:2a:77:3c:39:4c:50:41:7a:a3:b2:09:04:ce:37:a5:b0:
a6:96:7a:e0:ef:62:21:c9:56:95:41:73:65:75:8b:40:3e:a7:
9f:2c:7d:d4:1d:06:c4:94:48:85:95:a8:ad:94:65:4d:bf:5d:
6d:eb:48:48
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYU5nbpKsfFBrQV5M+Cq4R2nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYTdiNmFlZjBiZDI0MTEzMDRlNGYzYzY5NTdjODJlYjI1
NjdjZDMwHhcNMjIxMjIyMTEzNTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDJjNTIxYWEyZGE2Y2I1MzE1YmM5ZmNjZjA2MTU3NWYzODlkYjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDzXI5uTLblVtpkTIeNcdTaY9UW0
RH4tsw83iVhgEwAdQBzJJBzHQoH7Gc/3jq6dFYiIiPgKg5Oqw03IvFGhyy/7H+em
xjCpVSnnlMXw8GO4u8zVq91zmzsbkfilKR69gicVvoe9gfiMm+pqHYsS8FPiy9WN
dXNylXv3w1zpwmocPLczbKaE2X+HJi9S2uYjXC/VXs3CFYJaLtBKSzhdadLHPf/C
icX1Ip1uUEoqZrEntXaiqdIC+HYOmA13btEUSyJN6JPdbYfz2klvxLHFvy7Yvuj2
TH/xnWKDh2UdzPBx2t73Sn0a2GmbpvYv0SXlqKbMDJjauCQ8NoYjLEpO5QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNAsUhqi2my1MVvJ/M8GFXXzidsWMB8GA1UdIwQY
MBaAFF+ntq7wvSQRME5PPGlXyC6yVnzTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDZlMnJ2QzlKQkV3VGs4OGFWZklMckpXZk5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wM2QzNDItYTM0OS00NjU2LTlkNDAt
YjNlNDNkMzA1Yjg5LzEvMEN4U0dxTGFiTFV4VzhuOHp3WVZkZk9KMnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wM2QzNDItYTM0OS00NjU2LTlkNDAtYjNlNDNkMzA1Yjg5
LzEvWDZlMnJ2QzlKQkV3VGs4OGFWZklMckpXZk5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAsM
MA0GCSqGSIb3DQEBCwUAA4IBAQAqQKQl/eUScfTFshypQ9AtnVgLf/uq262oSMQd
VpDT0NcQGoIOMjkEW8QfuIm/3ryj0K8ZIb1UWghNGZl3DytlEMKUlY0XouE3Pgli
0Lkg7ozGFWkzqA8xfKgTBmAZ4t556OycbVsPBleMD1CtmqNNAZrW1xpKzEbuHR0O
bazVw3+x86ScEYMXmoaCNptR5aTlKnEZfV7baYX7Q+xbiE0El2vAutmZO4wRXnJB
VAtm72Qwz28CWOaYuZWWUYotCU7GHJA4B6G2nyp3PDlMUEF6o7IJBM43pbCmlnrg
72IhyVaVQXNldYtAPqefLH3UHQbElEiFlaitlGVNv11t60hI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:05 2024 by rpki-client on console-fra.rpki-client.org